Excerpt from Network Security Auditing. Auditing is one of the most important aspects of maintaining a secure IT system.
Excerpt from Network Security Auditing. | |
By Chris Jackson Published by Cisco Press ISBN-10: 1-58705-352-7 ISBN-13: 978-1-58705-352-8 |
Do you want to know a secret? Security isn’t about hacking, nasty, malicious software or the vulnerability of the day. Security is about maintaining a system and process that provides access to critical data without exposing your company or customers to excessive risk. Auditing is one of the most important aspects of maintaining that system, because it provides the opportunity to test assumptions about the security posture of networked systems and compare that posture with standards and regulations. Auditors ask the questions “How do you know that you are secure?” and “Can you prove that your security technology works?”